>
> > My nodes have two Ethernet ports on the back, and I would like to use
> > the ports this way:
> >
> > * Use the first port (NIC1, which defaults to eth0 in Linux) as the
> > permanent network connection connected to the public network. I will
> > not put DHCP server on the public network.
> > * Use the secondary NIC (NIC2, e.g. eth1) as a temporary network
> > connection which is only used during the provisioning. This network
> > has the DHCP server, TFTP server, etc. When I'm done with
> > provisioning, I remove the cable.
> >
> > This is a pretty common configuration at many sites.
> >
> > Foreman and Puppet can speak on both networks.
> >
> > I've noticed that Foreman will only create files under
> > /var/lib/tftpboot/pxelinux.cfg/00-AA-BB-CC-DD-EE-FF
for the Primary
> > Interface, and only if it matches a known subnet. Foreman will not
> > create any files for the secondary interface.
> >
> > Can I use this secondary interface for provisioning?
>
> In theory it could be added, but currently the non-primary NICs only get
> DHCP and DNS orchestration - no TFTP. I wonder if we'd need it
> configurable or not? I'd suggest adding a feature request.
>
Looks like someone beat me to it: Feature #3554: Enable provisioning on
non-primary interface <Feature #3554: Enable provisioning on non-primary interface - Foreman>
> > If I do use the Primary Interface for provisioning, I noticed that the
> > network settings for the Primary Interface will get changed as soon as
> > Puppet updates the facts, and I believe I can disable this behavior
> > using ignore_puppet_facts_for_provisioning
, per [the Wiki: Foreman
> > configuration
> > <Foreman configuration - Foreman>
> .
>
> This issue's been filed (from another bug report) to change the default
> to true, which might be more useful than the current default:
> Bug #3864: Change ignore_puppet_facts_for_provisioning default to true - Foreman
>
Thanks again Dominic.
Another side effect of this: If the DNS proxy is active, and I name a host
like 'web01' with the private IP address of 172.16.100.100 then that
hostname is assigned to the temporary address on the private, provisioning
network.
If I create a second interface on the public network, and try to assign the
hostname 'web01.example.org' to that interface, I run into a DNS conflict
like:
Conflicts have been detected
>
> The following entries were found conflicting with what foreman wanted to
> apply.
>
> Please review them carefully, if you are certain that they should be
> removed, please click on overwrite.
> DNS A Records web01/172.16.100.100 already exists
>
As a result, I either need to deactivate the DNS proxy, rename my nodes
within foreman or chose a temporary and inaccurate name for the interface.
-= Stefan
···
On Monday, December 16, 2013 1:05:03 AM UTC-8, Dominic Cleal wrote:
> On 14/12/13 00:13, Stefan Lasiewski wrote: